[Preston] Re : Just installed Fedora Core 1
Andrew King
andrew at andrewsworld.org
Fri Jan 16 09:15:15 GMT 2004
Granville Cousins wrote:
>Hello PLUG,
>
>I've just installed Fedora Core 1 on the second hard disk on my
>desktop PC. I'm having trouble finding out how to get connected to
>the Internet and would like to know, when I do get connected, if and
>where I can get an AntiVirus programme. At present I am using AVG
>AntiVirus under Windows XP and for my email client I am using The
>Bat! This is an excellent email programme and is very configurable. I
>have a data base with round about 2,000 entries and divided up into
>directories so I would like to run this in Linux too. I have heard
>about a programme called Wine which allows Microsoft Windows
>programmes to run under Linux. Where would I get this?
>
>
Hi there,
Would you be looking for anti-virus to protect your Linux system, or,
say, to scan Windows executables as they pass through it on their way to
a Windows machine? If it's the latter, I know that at least Sophos and
AVG have Linux versions that (I think) work with the mailserver software
to scan them and so on. Wouldn't surprise me if you could run some of
them under WINE too - but all they'd be doing
If it's to protect your Linux system, I think I can say with some
certainty that it's just not usually considered as part of a security
model. It's all a bit dodgy IMO see; as they say elsewhere, prevention
is better than cure, and that definitely applies here: it's much better
to prevent malicious code from running on your system in the first place
than to let it run and then clean up afterwards (and hope that it didn't
do "rm -rf /" as its first command :).
A few things that may help:
- Nearly all viruses out there at the moment are Windows executables,
and so simply won't run under Linux.
- Run a firewall, and use it to block all incoming TCP connection
requests (IMO, having any ports open to the outside world on a desktop
is asking for trouble) - and as many UDP ports as you can, too, like at
least all except 53.
- Make backups, just in case the worst does happen.
- Don't run anything as root unless you absolutely have to. I use Linux
as my only desktop o/s, and only need root once every few days - I think
it's fairly easy once you've got your system set up and so on.
- Pick a really strong root password - like
s,iudyf9os86"*&IL^R?*^?LR*OLA*^RITLSVCluiysdfue4346std or something (but
one that you can remember) - long, mixed case, numbers and weird symbols
all mixed together. Makes it harder to get brute forced, just if they do
get a password prompt.
- My own personal one: don't run anything that you can't get the source
code for, and only run things that you got from trusted sources. It
makes sense to verify things with md5 checksums and PGP signatures too.
There's more - feel free to ask and stuff - but I think you'll find that
it generally avoids a virus checker. One thing that comes close to kind
of being a virus checker is "chkrootkit". Really though, if you've had
any kind of malicious code run on your system, it's safer to wipe the
old install and start from scratch - you just don't know what they've
done or how many backdoors there are in your system. If they may have
had root, you don't even know that commands such as ls, ps or top are
telling the truth any more.
I find that Linux makes a great replacement to Windows for a few reasons:
- I can rely on my system a lot more. Individual programs don't randomly
hang up and have to be terminated from the outside as they do under
Windows XP (we're all used to seeing that "End Now or Cancel?" box under
Win2k/XP many times a day, right?), and it's nice that opening the
CD-ROM drive doesn't take your whole system down either :)
- It's free, and there's software to do a huge amount of things under it
that's also free.
- Security, viruses, spam, unwanted advertising, popup windows and other
privacy and security issues are much less of a worry. Nearly all spam
sent to me just goes into a 'Spam' folder and gets marked read
automatically. Most of that's probably possible under Windows, but it's
a lot of messing about, and always less reliable.
- Nag screens, activation, product keys and the rest of it are all a
thing of the past :)
- Because it comes with source code, the authors generally don't bother
spying on you, since they'd be found out pretty quickly.
- You can get things /just/ how you want them - there's just no limit to
how much you can customise stuff.
There's probably more, but I have to go and do some work :)
Hope this helps. If anyone thinks I've got anything wrong above btw,
please make a mention of it so that we're not giving out misinformation.
Andrew
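
The firewall advice in the message above (refuse incoming TCP connection requests, keep UDP closed apart from port 53), as an added example that is not part of the original post: a ruleset in iptables-restore format next to a permissive one, and a small audit that flags what the permissive one leaves open. The function names and all sample rules are constructed for illustration, and the strict ruleset assumes connection tracking (`-m state`) so that DNS replies return without an open UDP port.

```shell
#!/bin/sh
# Rulesets are in iptables-save / iptables-restore format; all rules are constructed samples.

# Desktop ruleset along the lines of the post: nothing inbound unless it is a reply.
strict_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --syn -j DROP
COMMIT
EOF
}

# Counter-example: accept-by-default policy, an open TCP port, a stray UDP port.
loose_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 6000 -j ACCEPT
-A INPUT -p udp --dport 111 -j ACCEPT
-A INPUT -p udp --sport 53 -j ACCEPT
COMMIT
EOF
}

# Read a ruleset on stdin, print one line per finding, return non-zero if there are any.
# Heuristic: inspects rules appended directly to INPUT, not user-defined chains.
audit_input_chain() {
    awk '
        /^:INPUT / && $2 != "DROP" { print "policy: INPUT default is " $2; bad++ }
        /^-A INPUT / && / -j ACCEPT/ {
            # TCP accepted without a state match, or with NEW: an open port.
            if (/ -p tcp / && (!/--state / || /NEW/)) { print "tcp: " $0; bad++ }
            # UDP accepted on anything other than port 53 (DNS).
            if (/ -p udp / && !/port 53 /) { print "udp: " $0; bad++ }
        }
        END { exit (bad ? 1 : 0) }
    '
}

for name in strict_ruleset loose_ruleset; do
    if "$name" | audit_input_chain; then echo "$name: ok"; else echo "$name: see findings"; fi
done
# As root: "iptables-save | audit_input_chain" audits the live firewall,
# and "strict_ruleset | iptables-restore" loads the strict rules.
```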